Today’s Scam of the day comes from my own email. Citibank is a popular bank with more than 200 million customers throughout the world, therefore identity thieves can feel pretty confident that when they send out an email blast that many of the people receiving the email will, in fact, be Citibank customers. This particular scam email follows a familiar pattern. It presents what would be a reasonable reason for responding by clicking on the link; in this case it is to add security features to your account to help prevent the very types of identity theft that this scam is actually attempting to perpetrate. It looks pretty official and the message doesn’t even have grammatical or spelling errors. However it is a total scam. If you click on the link in these types of scams one of two things will happen. Either you will be sent to a phony but official looking website where you will be prompted to provide personal information that will end up being used to make you a victim of identity theft or merely by clicking on the link, you will download keystroke logging malware programs that will steal the information from your computer or other device and use that information to make you a victim of identity theft. This identity theft tactic is called phishing.
Here is the email that I received. DO NOT CLICK ON THE LINK.
|“Dear Esteemed Customer,|
|We have added extra security to your Citi account to prevent identity theft on your account.To secure your Citi account, click the link below:|
|Note: You need to login using your email address and password to access before you can access the secured Citi network.|
|Best regards, Citi Customer Service”|
Regardless of how official an email or a text message may appear, you should never click on any links or download any attachments unless you are absolutely sure that it is legitimate. In the case of this particular email, it was sent from an address that was not an email address of Citibank which was a sure indication that it was a scam. Rather, it was sent from a computer address hacked into a botnet of compromised computers so that the identity thieves can send out phony emails that are difficult to trace back to the criminals. However, even an email originating from a legitimate looking email address, can be merely a phony email. In this particular case, if you have any thought that it might be legitimate, you should call or email Citibank at a telephone number or email address that you know is legitimate to confirm that it is a scam. Also, make sure that you keep your anti-malware and anti-virus software up to date on all of your electronic devices.